]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/mptcp_opt.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3248.20.55.tar.gz
[apple/xnu.git] / bsd / netinet / mptcp_opt.c
1 /*
2 * Copyright (c) 2012-2014 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <netinet/in_systm.h>
31 #include <sys/socket.h>
32 #include <sys/socketvar.h>
33 #include <sys/syslog.h>
34 #include <net/route.h>
35 #include <netinet/in.h>
36 #include <net/if.h>
37
38 #include <netinet/ip.h>
39 #include <netinet/ip_var.h>
40 #include <netinet/in_var.h>
41 #include <netinet/tcp.h>
42 #include <netinet/tcp_var.h>
43 #include <netinet/tcp_seq.h>
44 #include <netinet/tcpip.h>
45 #include <netinet/tcp_fsm.h>
46 #include <netinet/mptcp_var.h>
47 #include <netinet/mptcp.h>
48 #include <netinet/mptcp_opt.h>
49 #include <netinet/mptcp_seq.h>
50
51 #include <libkern/crypto/sha1.h>
52 #include <netinet/mptcp_timer.h>
53
54 #include <mach/sdt.h>
55
56 /*
57 * SYSCTL for enforcing 64 bit dsn
58 */
59 int32_t force_64bit_dsn = 0;
60 SYSCTL_INT(_net_inet_mptcp, OID_AUTO, force_64bit_dsn,
61 CTLFLAG_RW|CTLFLAG_LOCKED, &force_64bit_dsn, 0,
62 "Force MPTCP 64bit dsn");
63
64
65 static int mptcp_validate_join_hmac(struct tcpcb *, u_char*, int);
66 static int mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen);
67
68 /*
69 * MPTCP Options Output Processing
70 */
71
72 static unsigned
73 mptcp_setup_first_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
74 unsigned optlen)
75 {
76 struct tcpcb *tp = sototcpcb(so);
77 struct mptcb *mp_tp = NULL;
78 mp_tp = tptomptp(tp);
79
80 if (!(so->so_flags & SOF_MP_SUBFLOW))
81 return (optlen);
82
83 /*
84 * Avoid retransmitting the MP_CAPABLE option.
85 */
86 if (tp->t_rxtshift > mptcp_mpcap_retries)
87 return (optlen);
88
89 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
90 struct mptcp_mpcapable_opt_rsp mptcp_opt;
91 mptcp_key_t mp_localkey = 0;
92
93 mp_localkey = mptcp_get_localkey(mp_tp);
94 if (mp_localkey == 0) {
95 /* an embryonic connection was closed from above */
96 return (optlen);
97 }
98 bzero(&mptcp_opt,
99 sizeof (struct mptcp_mpcapable_opt_rsp));
100 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
101 mptcp_opt.mmc_common.mmco_len =
102 sizeof (struct mptcp_mpcapable_opt_rsp);
103 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
104 MPT_LOCK_SPIN(mp_tp);
105 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
106 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
107 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
108 mptcp_opt.mmc_common.mmco_flags |=
109 MPCAP_CHECKSUM_CBIT;
110 MPT_UNLOCK(mp_tp);
111 mptcp_opt.mmc_localkey = mp_localkey;
112 memcpy(opt + optlen, &mptcp_opt,
113 mptcp_opt.mmc_common.mmco_len);
114 optlen += mptcp_opt.mmc_common.mmco_len;
115 } else {
116 /* Only the SYN flag is set */
117 struct mptcp_mpcapable_opt_common mptcp_opt;
118 mptcp_key_t mp_localkey = 0;
119 mp_localkey = mptcp_get_localkey(mp_tp);
120 so->so_flags |= SOF_MPTCP_CLIENT;
121 if (mp_localkey == 0) {
122 /* an embryonic connection was closed */
123 return (optlen);
124 }
125 bzero(&mptcp_opt,
126 sizeof (struct mptcp_mpcapable_opt_common));
127 mptcp_opt.mmco_kind = TCPOPT_MULTIPATH;
128 mptcp_opt.mmco_len =
129 sizeof (struct mptcp_mpcapable_opt_common) +
130 sizeof (mptcp_key_t);
131 mptcp_opt.mmco_subtype = MPO_CAPABLE;
132 MPT_LOCK_SPIN(mp_tp);
133 mptcp_opt.mmco_version = mp_tp->mpt_version;
134 mptcp_opt.mmco_flags |= MPCAP_PROPOSAL_SBIT;
135 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
136 mptcp_opt.mmco_flags |= MPCAP_CHECKSUM_CBIT;
137 MPT_UNLOCK(mp_tp);
138 (void) memcpy(opt + optlen, &mptcp_opt,
139 sizeof (struct mptcp_mpcapable_opt_common));
140 optlen += sizeof (struct mptcp_mpcapable_opt_common);
141 (void) memcpy(opt + optlen, &mp_localkey,
142 sizeof (mptcp_key_t));
143 optlen += sizeof (mptcp_key_t);
144 }
145
146 return (optlen);
147 }
148
149 static unsigned
150 mptcp_setup_join_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
151 unsigned optlen)
152 {
153 struct inpcb *inp = sotoinpcb(so);
154 struct tcpcb *tp = NULL;
155
156 if (!inp)
157 return (optlen);
158
159 tp = intotcpcb(inp);
160 if (!tp)
161 return (optlen);
162
163 if (!tp->t_mptcb)
164 return (optlen);
165
166 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
167 struct mptcp_mpjoin_opt_rsp mpjoin_rsp;
168 struct mptcb *mp_tp = tptomptp(tp);
169
170 if (mp_tp == NULL)
171 return (optlen);
172
173 MPT_LOCK(mp_tp);
174 if (mptcp_get_localkey(mp_tp) == 0) {
175 MPT_UNLOCK(mp_tp);
176 return (optlen);
177 }
178 MPT_UNLOCK(mp_tp);
179 bzero(&mpjoin_rsp, sizeof (mpjoin_rsp));
180 mpjoin_rsp.mmjo_kind = TCPOPT_MULTIPATH;
181 mpjoin_rsp.mmjo_len = sizeof (mpjoin_rsp);
182 mpjoin_rsp.mmjo_subtype_bkp = MPO_JOIN << 4;
183 if (tp->t_mpflags & TMPF_BACKUP_PATH)
184 mpjoin_rsp.mmjo_subtype_bkp |= MPTCP_BACKUP;
185 mpjoin_rsp.mmjo_addr_id = tp->t_local_aid;
186 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
187 &mpjoin_rsp.mmjo_rand, NULL);
188 mpjoin_rsp.mmjo_mac = mptcp_get_trunced_hmac(tp->t_local_aid,
189 mp_tp);
190 memcpy(opt + optlen, &mpjoin_rsp, mpjoin_rsp.mmjo_len);
191 optlen += mpjoin_rsp.mmjo_len;
192 } else {
193 struct mptcp_mpjoin_opt_req mpjoin_req;
194 bzero(&mpjoin_req, sizeof (mpjoin_req));
195 mpjoin_req.mmjo_kind = TCPOPT_MULTIPATH;
196 mpjoin_req.mmjo_len = sizeof (mpjoin_req);
197 mpjoin_req.mmjo_subtype_bkp = MPO_JOIN << 4;
198 /* A secondary subflow is started off as backup */
199 mpjoin_req.mmjo_subtype_bkp |= MPTCP_BACKUP;
200 tp->t_mpflags |= TMPF_BACKUP_PATH;
201 mpjoin_req.mmjo_addr_id = tp->t_local_aid;
202 mpjoin_req.mmjo_peer_token = mptcp_get_remotetoken(tp->t_mptcb);
203 if (mpjoin_req.mmjo_peer_token == 0) {
204 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: peer token 0",
205 __func__),
206 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
207 }
208 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
209 &mpjoin_req.mmjo_rand, NULL);
210 memcpy(opt + optlen, &mpjoin_req, mpjoin_req.mmjo_len);
211 optlen += mpjoin_req.mmjo_len;
212 /* send an event up, if Fast Join is requested */
213 if (mptcp_zerortt_fastjoin &&
214 (so->so_flags & SOF_MPTCP_FASTJOIN)) {
215 soevent(so,
216 (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPFASTJ));
217 }
218 }
219 return (optlen);
220 }
221
222 unsigned
223 mptcp_setup_join_ack_opts(struct tcpcb *tp, u_char *opt, unsigned optlen)
224 {
225 unsigned new_optlen;
226 struct mptcp_mpjoin_opt_rsp2 join_rsp2;
227
228 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpjoin_opt_rsp2)) {
229 printf("%s: no space left %d \n", __func__, optlen);
230 return (optlen);
231 }
232
233 bzero(&join_rsp2, sizeof (struct mptcp_mpjoin_opt_rsp2));
234 join_rsp2.mmjo_kind = TCPOPT_MULTIPATH;
235 join_rsp2.mmjo_len = sizeof (struct mptcp_mpjoin_opt_rsp2);
236 join_rsp2.mmjo_subtype = MPO_JOIN;
237 mptcp_get_hmac(tp->t_local_aid, tptomptp(tp),
238 (u_char*)&join_rsp2.mmjo_mac,
239 sizeof (join_rsp2.mmjo_mac));
240 memcpy(opt + optlen, &join_rsp2, join_rsp2.mmjo_len);
241 new_optlen = optlen + join_rsp2.mmjo_len;
242 tp->t_mpflags |= TMPF_FASTJOINBY2_SEND;
243 return (new_optlen);
244 }
245
246 unsigned
247 mptcp_setup_syn_opts(struct socket *so, int flags, u_char *opt, unsigned optlen)
248 {
249 unsigned new_optlen;
250
251 if (mptcp_enable == 0) {
252 /* do nothing */
253 return (optlen);
254 }
255
256 if (!(so->so_flags & SOF_MP_SEC_SUBFLOW)) {
257 new_optlen = mptcp_setup_first_subflow_syn_opts(so, flags, opt,
258 optlen);
259 } else {
260 /*
261 * To simulate SYN_ACK with no join opt, comment this line on
262 * OS X server side. This serves as a testing hook.
263 */
264 new_optlen = mptcp_setup_join_subflow_syn_opts(so, flags, opt,
265 optlen);
266 }
267 return (new_optlen);
268 }
269
270 static int
271 mptcp_send_mpfail(struct tcpcb *tp, u_char *opt, unsigned int optlen)
272 {
273 #pragma unused(tp, opt, optlen)
274
275 struct mptcb *mp_tp = NULL;
276 struct mptcp_mpfail_opt fail_opt;
277 uint64_t dsn;
278 int len = sizeof (struct mptcp_mpfail_opt);
279
280 mp_tp = tptomptp(tp);
281 if (mp_tp == NULL) {
282 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
283 return (optlen);
284 }
285
286 /* if option space low give up */
287 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpfail_opt)) {
288 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
289 return (optlen);
290 }
291
292 MPT_LOCK(mp_tp);
293 dsn = mp_tp->mpt_rcvnxt;
294 MPT_UNLOCK(mp_tp);
295
296 bzero(&fail_opt, sizeof (fail_opt));
297 fail_opt.mfail_kind = TCPOPT_MULTIPATH;
298 fail_opt.mfail_len = len;
299 fail_opt.mfail_subtype = MPO_FAIL;
300 fail_opt.mfail_dsn = mptcp_hton64(dsn);
301 memcpy(opt + optlen, &fail_opt, len);
302 optlen += len;
303 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
304 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: %d \n", __func__,
305 tp->t_local_aid), (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
306 MPTCP_LOGLVL_LOG);
307 return (optlen);
308 }
309
310 static int
311 mptcp_send_infinite_mapping(struct tcpcb *tp, u_char *opt, unsigned int optlen)
312 {
313 struct mptcp_dsn_opt infin_opt;
314 struct mptcb *mp_tp = NULL;
315 size_t len = sizeof (struct mptcp_dsn_opt);
316 struct socket *so = tp->t_inpcb->inp_socket;
317 int error = 0;
318 int csum_len = 0;
319
320 if (!so)
321 return (optlen);
322
323 mp_tp = tptomptp(tp);
324 if (mp_tp == NULL)
325 return (optlen);
326
327 MPT_LOCK(mp_tp);
328 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
329 csum_len = 2;
330
331 /* try later */
332 if ((MAX_TCPOPTLEN - optlen) < (len + csum_len)) {
333 MPT_UNLOCK(mp_tp);
334 return (optlen);
335 }
336 bzero(&infin_opt, sizeof (infin_opt));
337 infin_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
338 infin_opt.mdss_copt.mdss_len = len + csum_len;
339 infin_opt.mdss_copt.mdss_subtype = MPO_DSS;
340 infin_opt.mdss_copt.mdss_flags |= MDSS_M;
341 if (mp_tp->mpt_flags & MPTCPF_RECVD_MPFAIL) {
342 infin_opt.mdss_dsn = (u_int32_t)
343 MPTCP_DATASEQ_LOW32(mp_tp->mpt_dsn_at_csum_fail);
344 infin_opt.mdss_subflow_seqn = mp_tp->mpt_ssn_at_csum_fail;
345 } else {
346 infin_opt.mdss_dsn = (u_int32_t)
347 MPTCP_DATASEQ_LOW32(mp_tp->mpt_snduna);
348 infin_opt.mdss_subflow_seqn = tp->snd_una - tp->iss;
349 }
350 MPT_UNLOCK(mp_tp);
351 if (error != 0)
352 return (optlen);
353 if ((infin_opt.mdss_dsn == 0) || (infin_opt.mdss_subflow_seqn == 0)) {
354 return (optlen);
355 }
356 infin_opt.mdss_dsn = htonl(infin_opt.mdss_dsn);
357 infin_opt.mdss_subflow_seqn = htonl(infin_opt.mdss_subflow_seqn);
358 infin_opt.mdss_data_len = 0;
359
360 memcpy(opt + optlen, &infin_opt, len);
361 optlen += len;
362 if (csum_len != 0) {
363 /* The checksum field is set to 0 for infinite mapping */
364 uint16_t csum = 0;
365 memcpy(opt + optlen, &csum, csum_len);
366 optlen += csum_len;
367 }
368
369 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: dsn = %x, seq = %x len = %x\n",
370 __func__,
371 ntohl(infin_opt.mdss_dsn),
372 ntohl(infin_opt.mdss_subflow_seqn),
373 ntohs(infin_opt.mdss_data_len)),
374 (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
375 MPTCP_LOGLVL_LOG);
376
377 /* so->so_flags &= ~SOF_MPTCP_CLIENT; */
378 tp->t_mpflags |= TMPF_INFIN_SENT;
379 tcpstat.tcps_estab_fallback++;
380 return (optlen);
381 }
382
383
384 static int
385 mptcp_ok_to_fin(struct tcpcb *tp, u_int64_t dsn, u_int32_t datalen)
386 {
387 struct mptcb *mp_tp = NULL;
388 mp_tp = tptomptp(tp);
389
390 MPT_LOCK(mp_tp);
391 dsn = (mp_tp->mpt_sndmax & MPTCP_DATASEQ_LOW32_MASK) | dsn;
392 if ((dsn + datalen) == mp_tp->mpt_sndmax) {
393 MPT_UNLOCK(mp_tp);
394 return (1);
395 }
396 MPT_UNLOCK(mp_tp);
397 return (0);
398 }
399
400
401 /* Must be called from tcp_output to fill in the fast close option */
402 static int
403 mptcp_send_fastclose(struct tcpcb *tp, u_char *opt, unsigned int optlen,
404 int flags)
405 {
406 struct mptcp_fastclose_opt fastclose_opt;
407 struct mptcb *mp_tp = tptomptp(tp);
408
409 /* Only ACK flag should be set */
410 if (flags != TH_ACK)
411 return (optlen);
412
413 if ((MAX_TCPOPTLEN - optlen) <
414 sizeof (struct mptcp_fastclose_opt)) {
415 return (optlen);
416 }
417
418 bzero(&fastclose_opt, sizeof (struct mptcp_fastclose_opt));
419 fastclose_opt.mfast_kind = TCPOPT_MULTIPATH;
420 fastclose_opt.mfast_len = sizeof (struct mptcp_fastclose_opt);
421 fastclose_opt.mfast_subtype = MPO_FASTCLOSE;
422 MPT_LOCK_SPIN(mp_tp);
423 fastclose_opt.mfast_key = mptcp_get_remotekey(mp_tp);
424 MPT_UNLOCK(mp_tp);
425 memcpy(opt + optlen, &fastclose_opt, fastclose_opt.mfast_len);
426 optlen += fastclose_opt.mfast_len;
427
428 return (optlen);
429 }
430
431 unsigned int
432 mptcp_setup_opts(struct tcpcb *tp, int32_t off, u_char *opt,
433 unsigned int optlen, int flags, int datalen,
434 unsigned int **dss_lenp, u_int8_t **finp, u_int64_t *dss_valp,
435 u_int32_t **sseqp, boolean_t *p_mptcp_acknow)
436 {
437 struct inpcb *inp = (struct inpcb *)tp->t_inpcb;
438 struct socket *so = inp->inp_socket;
439 struct mptcb *mp_tp = tptomptp(tp);
440 boolean_t do_csum = FALSE;
441 boolean_t send_64bit_dsn = FALSE;
442 boolean_t send_64bit_ack = FALSE;
443 u_int32_t old_mpt_flags = tp->t_mpflags &
444 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
445 TMPF_MPCAP_RETRANSMIT);
446
447 if ((mptcp_enable == 0) ||
448 (mp_tp == NULL) ||
449 (mp_tp->mpt_flags & MPTCPF_PEEL_OFF) ||
450 (tp->t_state == TCPS_CLOSED)) {
451 /* do nothing */
452 goto ret_optlen;
453 }
454
455 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM) {
456 do_csum = TRUE;
457 }
458
459 /* tcp_output handles the SYN path separately */
460 if (flags & TH_SYN) {
461 goto ret_optlen;
462 }
463
464 if ((MAX_TCPOPTLEN - optlen) <
465 sizeof (struct mptcp_mpcapable_opt_common)) {
466 mptcplog((LOG_ERR, "MPTCP Socket: "
467 "%s: no space left %d flags %x "
468 "tp->t_mpflags %x "
469 "len %d\n", __func__, optlen, flags, tp->t_mpflags,
470 datalen), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
471 goto ret_optlen;
472 }
473
474 if (tp->t_mpflags & TMPF_FASTCLOSE) {
475 optlen = mptcp_send_fastclose(tp, opt, optlen, flags);
476 VERIFY(datalen == 0);
477 goto ret_optlen;
478 }
479
480 if (tp->t_mpflags & TMPF_TCP_FALLBACK) {
481 if (tp->t_mpflags & TMPF_SND_MPFAIL)
482 optlen = mptcp_send_mpfail(tp, opt, optlen);
483 else if (!(tp->t_mpflags & TMPF_INFIN_SENT))
484 optlen = mptcp_send_infinite_mapping(tp, opt, optlen);
485 goto ret_optlen;
486 }
487
488 if (tp->t_mpflags & TMPF_SND_MPPRIO) {
489 optlen = mptcp_snd_mpprio(tp, opt, optlen);
490 goto ret_optlen;
491 }
492
493 if (((tp->t_mpflags & TMPF_FASTJOINBY2_SEND) ||
494 (tp->t_mpflags & TMPF_FASTJOIN_SEND )) &&
495 (datalen > 0)) {
496 tp->t_mpflags &= ~TMPF_FASTJOINBY2_SEND;
497 tp->t_mpflags &= ~TMPF_FASTJOIN_SEND;
498 goto fastjoin_send;
499 }
500
501 if (((tp->t_mpflags & TMPF_PREESTABLISHED) &&
502 (!(tp->t_mpflags & TMPF_SENT_KEYS)) &&
503 (!(tp->t_mpflags & TMPF_JOINED_FLOW))) ||
504 (tp->t_mpflags & TMPF_MPCAP_RETRANSMIT)) {
505 struct mptcp_mpcapable_opt_rsp1 mptcp_opt;
506 if ((MAX_TCPOPTLEN - optlen) <
507 sizeof (struct mptcp_mpcapable_opt_rsp1))
508 goto ret_optlen;
509 bzero(&mptcp_opt, sizeof (struct mptcp_mpcapable_opt_rsp1));
510 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
511 mptcp_opt.mmc_common.mmco_len =
512 sizeof (struct mptcp_mpcapable_opt_rsp1);
513 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
514 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
515 /* HMAC-SHA1 is the proposal */
516 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
517 MPT_LOCK(mp_tp);
518 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
519 mptcp_opt.mmc_common.mmco_flags |= MPCAP_CHECKSUM_CBIT;
520 mptcp_opt.mmc_localkey = mptcp_get_localkey(mp_tp);
521 mptcp_opt.mmc_remotekey = mptcp_get_remotekey(mp_tp);
522 MPT_UNLOCK(mp_tp);
523 memcpy(opt + optlen, &mptcp_opt, mptcp_opt.mmc_common.mmco_len);
524 optlen += mptcp_opt.mmc_common.mmco_len;
525 tp->t_mpflags |= TMPF_SENT_KEYS | TMPF_MPTCP_TRUE;
526 so->so_flags |= SOF_MPTCP_TRUE;
527 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
528 tp->t_mpflags &= ~TMPF_MPCAP_RETRANSMIT;
529
530 if (!tp->t_mpuna) {
531 tp->t_mpuna = tp->snd_una;
532 } else {
533 /* its a retransmission of the MP_CAPABLE ACK */
534 }
535 goto ret_optlen;
536 } else if (tp->t_mpflags & TMPF_MPTCP_TRUE) {
537 if (tp->t_mpflags & TMPF_SND_REM_ADDR) {
538 int rem_opt_len = sizeof (struct mptcp_remaddr_opt);
539 if ((optlen + rem_opt_len) <= MAX_TCPOPTLEN) {
540 mptcp_send_remaddr_opt(tp,
541 (struct mptcp_remaddr_opt *)(opt + optlen));
542 optlen += rem_opt_len;
543 goto ret_optlen;
544 } else {
545 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
546 }
547 }
548 }
549
550 if ((tp->t_mpflags & TMPF_JOINED_FLOW) &&
551 (tp->t_mpflags & TMPF_PREESTABLISHED) &&
552 (!(tp->t_mpflags & TMPF_RECVD_JOIN)) &&
553 (tp->t_mpflags & TMPF_SENT_JOIN) &&
554 (!(tp->t_mpflags & TMPF_MPTCP_TRUE))) {
555 MPT_LOCK(mp_tp);
556 if (mptcp_get_localkey(mp_tp) == 0) {
557 MPT_UNLOCK(mp_tp);
558 goto ret_optlen;
559 }
560 MPT_UNLOCK(mp_tp);
561 /* Do the ACK part */
562 optlen = mptcp_setup_join_ack_opts(tp, opt, optlen);
563 if (!tp->t_mpuna) {
564 tp->t_mpuna = tp->snd_una;
565 }
566 /* Start a timer to retransmit the ACK */
567 tp->t_timer[TCPT_JACK_RXMT] =
568 OFFSET_FROM_START(tp, tcp_jack_rxmt);
569 goto ret_optlen;
570 }
571
572 if (!(tp->t_mpflags & TMPF_MPTCP_TRUE))
573 goto ret_optlen;
574 fastjoin_send:
575 /*
576 * From here on, all options are sent only if MPTCP_TRUE
577 * or when data is sent early on as in Fast Join
578 */
579
580 MPT_LOCK(mp_tp);
581 if ((mp_tp->mpt_flags & MPTCPF_SND_64BITDSN) || force_64bit_dsn) {
582 send_64bit_dsn = TRUE;
583 }
584 if (mp_tp->mpt_flags & MPTCPF_SND_64BITACK) {
585 send_64bit_ack = TRUE;
586 }
587 MPT_UNLOCK(mp_tp);
588
589 #define CHECK_OPTLEN { \
590 if ((MAX_TCPOPTLEN - optlen) < len) { \
591 mptcplog((LOG_ERR, "MPTCP Socket: " \
592 "%s: len %d optlen %d \n", __func__, len, optlen), \
593 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
594 goto ret_optlen; \
595 } \
596 }
597
598 #define DO_FIN(dsn_opt) { \
599 int sndfin = 0; \
600 sndfin = mptcp_ok_to_fin(tp, dsn_opt.mdss_dsn, datalen); \
601 if (sndfin) { \
602 dsn_opt.mdss_copt.mdss_flags |= MDSS_F; \
603 *finp = opt + optlen + offsetof(struct mptcp_dss_copt, \
604 mdss_flags); \
605 dsn_opt.mdss_data_len += 1; \
606 } \
607 }
608
609 #define CHECK_DATALEN { \
610 /* MPTCP socket does not support IP options */ \
611 if ((datalen + optlen + len) > tp->t_maxopd) { \
612 mptcplog((LOG_ERR, "MPTCP Socket: " \
613 "%s: nosp %d len %d opt %d %d %d\n", \
614 __func__, datalen, len, optlen, \
615 tp->t_maxseg, tp->t_maxopd), \
616 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
617 /* remove option length from payload len */ \
618 datalen = tp->t_maxopd - optlen - len; \
619 } \
620 }
621
622 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
623 (send_64bit_dsn)) {
624 /*
625 * If there was the need to send 64-bit Data ACK along
626 * with 64-bit DSN, then 26 or 28 bytes would be used.
627 * With timestamps and NOOP padding that will cause
628 * overflow. Hence, in the rare event that both 64-bit
629 * DSN and 64-bit ACK have to be sent, delay the send of
630 * 64-bit ACK until our 64-bit DSN is acked with a 64-bit ack.
631 * XXX If this delay causes issue, remove the 2-byte padding.
632 */
633 struct mptcp_dss64_ack32_opt dsn_ack_opt;
634 unsigned int len = sizeof (dsn_ack_opt);
635
636 if (do_csum) {
637 len += 2;
638 }
639
640 CHECK_OPTLEN;
641
642 bzero(&dsn_ack_opt, sizeof (dsn_ack_opt));
643 dsn_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
644 dsn_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
645 dsn_ack_opt.mdss_copt.mdss_len = len;
646 dsn_ack_opt.mdss_copt.mdss_flags |=
647 MDSS_M | MDSS_m | MDSS_A;
648
649 CHECK_DATALEN;
650
651 mptcp_output_getm_dsnmap64(so, off, (u_int32_t)datalen,
652 &dsn_ack_opt.mdss_dsn,
653 &dsn_ack_opt.mdss_subflow_seqn,
654 &dsn_ack_opt.mdss_data_len);
655
656 *dss_valp = dsn_ack_opt.mdss_dsn;
657
658 if ((dsn_ack_opt.mdss_data_len == 0) ||
659 (dsn_ack_opt.mdss_dsn == 0)) {
660 goto ret_optlen;
661 }
662
663 if (tp->t_mpflags & TMPF_SEND_DFIN) {
664 DO_FIN(dsn_ack_opt);
665 }
666
667 MPT_LOCK(mp_tp);
668 dsn_ack_opt.mdss_ack =
669 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
670 MPT_UNLOCK(mp_tp);
671
672 dsn_ack_opt.mdss_dsn = mptcp_hton64(dsn_ack_opt.mdss_dsn);
673 dsn_ack_opt.mdss_subflow_seqn = htonl(
674 dsn_ack_opt.mdss_subflow_seqn);
675 dsn_ack_opt.mdss_data_len = htons(
676 dsn_ack_opt.mdss_data_len);
677 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
678 offsetof(struct mptcp_dss64_ack32_opt, mdss_data_len));
679
680 memcpy(opt + optlen, &dsn_ack_opt, sizeof (dsn_ack_opt));
681
682 if (do_csum) {
683 *sseqp = (u_int32_t *)(void *)(opt + optlen +
684 offsetof(struct mptcp_dss64_ack32_opt,
685 mdss_subflow_seqn));
686 }
687 optlen += len;
688 mptcplog((LOG_DEBUG,"MPTCP Socket: "
689 "%s: long DSS = %llx ACK = %llx \n",
690 __func__,
691 mptcp_ntoh64(dsn_ack_opt.mdss_dsn),
692 mptcp_ntoh64(dsn_ack_opt.mdss_ack)),
693 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG);
694
695 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
696 goto ret_optlen;
697 }
698
699 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
700 (!send_64bit_dsn) &&
701 !(tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
702 struct mptcp_dsn_opt dsn_opt;
703 unsigned int len = sizeof (struct mptcp_dsn_opt);
704
705 if (do_csum) {
706 len += 2;
707 }
708
709 CHECK_OPTLEN;
710
711 bzero(&dsn_opt, sizeof (dsn_opt));
712 dsn_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
713 dsn_opt.mdss_copt.mdss_subtype = MPO_DSS;
714 dsn_opt.mdss_copt.mdss_len = len;
715 dsn_opt.mdss_copt.mdss_flags |= MDSS_M;
716
717 CHECK_DATALEN;
718
719 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
720 &dsn_opt.mdss_dsn,
721 &dsn_opt.mdss_subflow_seqn, &dsn_opt.mdss_data_len,
722 dss_valp);
723
724 if ((dsn_opt.mdss_data_len == 0) ||
725 (dsn_opt.mdss_dsn == 0)) {
726 goto ret_optlen;
727 }
728
729 if (tp->t_mpflags & TMPF_SEND_DFIN) {
730 DO_FIN(dsn_opt);
731 }
732
733 dsn_opt.mdss_dsn = htonl(dsn_opt.mdss_dsn);
734 dsn_opt.mdss_subflow_seqn = htonl(dsn_opt.mdss_subflow_seqn);
735 dsn_opt.mdss_data_len = htons(dsn_opt.mdss_data_len);
736 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
737 offsetof(struct mptcp_dsn_opt, mdss_data_len));
738 memcpy(opt + optlen, &dsn_opt, sizeof (dsn_opt));
739 if (do_csum) {
740 *sseqp = (u_int32_t *)(void *)(opt + optlen +
741 offsetof(struct mptcp_dsn_opt, mdss_subflow_seqn));
742 }
743 optlen += len;
744 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
745 goto ret_optlen;
746 }
747
748 /* 32-bit Data ACK option */
749 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
750 (!send_64bit_ack) &&
751 !(tp->t_mpflags & TMPF_SEND_DSN) &&
752 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
753
754 struct mptcp_data_ack_opt dack_opt;
755 unsigned int len = 0;
756 do_ack32_only:
757 len = sizeof (dack_opt);
758
759 CHECK_OPTLEN;
760
761 bzero(&dack_opt, len);
762 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
763 dack_opt.mdss_copt.mdss_len = len;
764 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
765 dack_opt.mdss_copt.mdss_flags |= MDSS_A;
766 MPT_LOCK_SPIN(mp_tp);
767 dack_opt.mdss_ack =
768 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
769 MPT_UNLOCK(mp_tp);
770 memcpy(opt + optlen, &dack_opt, len);
771 optlen += len;
772 VERIFY(optlen <= MAX_TCPOPTLEN);
773 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
774 goto ret_optlen;
775 }
776
777 /* 64-bit Data ACK option */
778 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
779 (send_64bit_ack) &&
780 !(tp->t_mpflags & TMPF_SEND_DSN) &&
781 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
782 struct mptcp_data_ack64_opt dack_opt;
783 unsigned int len = 0;
784 do_ack64_only:
785 len = sizeof (dack_opt);
786
787 CHECK_OPTLEN;
788
789 bzero(&dack_opt, len);
790 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
791 dack_opt.mdss_copt.mdss_len = len;
792 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
793 dack_opt.mdss_copt.mdss_flags |= (MDSS_A | MDSS_a);
794 MPT_LOCK_SPIN(mp_tp);
795 dack_opt.mdss_ack = mptcp_hton64(mp_tp->mpt_rcvnxt);
796 /*
797 * The other end should retransmit 64-bit DSN until it
798 * receives a 64-bit ACK.
799 */
800 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITACK;
801 MPT_UNLOCK(mp_tp);
802 memcpy(opt + optlen, &dack_opt, len);
803 optlen += len;
804 VERIFY(optlen <= MAX_TCPOPTLEN);
805 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
806 goto ret_optlen;
807 }
808
809 /* 32-bit DSS+Data ACK option */
810 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
811 (!send_64bit_dsn) &&
812 (!send_64bit_ack) &&
813 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
814 struct mptcp_dss_ack_opt dss_ack_opt;
815 unsigned int len = sizeof (dss_ack_opt);
816
817 if (do_csum)
818 len += 2;
819
820 CHECK_OPTLEN;
821
822 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
823 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
824 dss_ack_opt.mdss_copt.mdss_len = len;
825 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
826 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M;
827 MPT_LOCK_SPIN(mp_tp);
828 dss_ack_opt.mdss_ack =
829 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
830 MPT_UNLOCK(mp_tp);
831
832 CHECK_DATALEN;
833
834 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
835 &dss_ack_opt.mdss_dsn,
836 &dss_ack_opt.mdss_subflow_seqn,
837 &dss_ack_opt.mdss_data_len,
838 dss_valp);
839
840 if ((dss_ack_opt.mdss_data_len == 0) ||
841 (dss_ack_opt.mdss_dsn == 0)) {
842 goto do_ack32_only;
843 }
844
845 if (tp->t_mpflags & TMPF_SEND_DFIN) {
846 DO_FIN(dss_ack_opt);
847 }
848
849 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
850 dss_ack_opt.mdss_subflow_seqn =
851 htonl(dss_ack_opt.mdss_subflow_seqn);
852 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
853 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
854 offsetof(struct mptcp_dss_ack_opt, mdss_data_len));
855 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
856 if (do_csum) {
857 *sseqp = (u_int32_t *)(void *)(opt + optlen +
858 offsetof(struct mptcp_dss_ack_opt,
859 mdss_subflow_seqn));
860 }
861
862 optlen += len;
863
864 if (optlen > MAX_TCPOPTLEN)
865 panic("optlen too large");
866 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
867 goto ret_optlen;
868 }
869
870 /* 32-bit DSS + 64-bit DACK option */
871 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
872 (!send_64bit_dsn) &&
873 (send_64bit_ack) &&
874 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
875 struct mptcp_dss32_ack64_opt dss_ack_opt;
876 unsigned int len = sizeof (dss_ack_opt);
877
878 if (do_csum)
879 len += 2;
880
881 CHECK_OPTLEN;
882
883 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
884 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
885 dss_ack_opt.mdss_copt.mdss_len = len;
886 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
887 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_M | MDSS_A | MDSS_a;
888 MPT_LOCK_SPIN(mp_tp);
889 dss_ack_opt.mdss_ack =
890 mptcp_hton64(mp_tp->mpt_rcvnxt);
891 MPT_UNLOCK(mp_tp);
892
893 CHECK_DATALEN;
894
895 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
896 &dss_ack_opt.mdss_dsn, &dss_ack_opt.mdss_subflow_seqn,
897 &dss_ack_opt.mdss_data_len, dss_valp);
898
899 if ((dss_ack_opt.mdss_data_len == 0) ||
900 (dss_ack_opt.mdss_dsn == 0)) {
901 goto do_ack64_only;
902 }
903
904 if (tp->t_mpflags & TMPF_SEND_DFIN) {
905 DO_FIN(dss_ack_opt);
906 }
907
908 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
909 dss_ack_opt.mdss_subflow_seqn =
910 htonl(dss_ack_opt.mdss_subflow_seqn);
911 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
912 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
913 offsetof(struct mptcp_dss32_ack64_opt, mdss_data_len));
914 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
915 if (do_csum) {
916 *sseqp = (u_int32_t *)(void *)(opt + optlen +
917 offsetof(struct mptcp_dss32_ack64_opt,
918 mdss_subflow_seqn));
919 }
920
921 optlen += len;
922
923 if (optlen > MAX_TCPOPTLEN)
924 panic("optlen too large");
925 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
926 goto ret_optlen;
927 }
928
929 if (tp->t_mpflags & TMPF_SEND_DFIN) {
930 struct mptcp_dss_ack_opt dss_ack_opt;
931 unsigned int len = sizeof (struct mptcp_dss_ack_opt);
932
933 if (do_csum)
934 len += 2;
935
936 CHECK_OPTLEN;
937
938 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
939
940 MPT_LOCK(mp_tp);
941 /*
942 * Data FIN occupies one sequence space.
943 * Don't send it if it has been Acked.
944 */
945 if (((mp_tp->mpt_sndnxt + 1) != mp_tp->mpt_sndmax) ||
946 (mp_tp->mpt_snduna == mp_tp->mpt_sndmax)) {
947 MPT_UNLOCK(mp_tp);
948 goto ret_optlen;
949 }
950
951 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
952 dss_ack_opt.mdss_copt.mdss_len = len;
953 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
954 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M | MDSS_F;
955 dss_ack_opt.mdss_ack =
956 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
957 dss_ack_opt.mdss_dsn =
958 htonl(MPTCP_DATASEQ_LOW32(mp_tp->mpt_sndnxt));
959 MPT_UNLOCK(mp_tp);
960 dss_ack_opt.mdss_subflow_seqn = 0;
961 dss_ack_opt.mdss_data_len = 1;
962 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
963 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
964 if (do_csum) {
965 *dss_valp = mp_tp->mpt_sndnxt;
966 *sseqp = (u_int32_t *)(void *)(opt + optlen +
967 offsetof(struct mptcp_dss_ack_opt,
968 mdss_subflow_seqn));
969 }
970 optlen += len;
971 }
972
973 ret_optlen:
974 if (TRUE == *p_mptcp_acknow ) {
975 VERIFY(old_mpt_flags != 0);
976 u_int32_t new_mpt_flags = tp->t_mpflags &
977 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
978 TMPF_MPCAP_RETRANSMIT);
979
980 /*
981 * If none of the above mpflags were acted on by
982 * this routine, reset these flags and set p_mptcp_acknow
983 * to false.
984 * XXX The reset value of p_mptcp_acknow can be used
985 * to communicate tcp_output to NOT send a pure ack without any
986 * MPTCP options as it will be treated as a dup ack.
987 * Since the instances of mptcp_setup_opts not acting on
988 * these options are mostly corner cases and sending a dup
989 * ack here would only have an impact if the system
990 * has sent consecutive dup acks before this false one,
991 * we haven't modified the logic in tcp_output to avoid
992 * that.
993 */
994 if ((old_mpt_flags == new_mpt_flags) || (new_mpt_flags == 0)) {
995 tp->t_mpflags &= ~(TMPF_SND_MPPRIO
996 | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
997 TMPF_MPCAP_RETRANSMIT);
998 *p_mptcp_acknow = FALSE;
999 mptcplog((LOG_DEBUG, "MPTCP Sender: %s: no action \n",
1000 __func__), MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
1001 } else {
1002 mptcplog((LOG_DEBUG, "MPTCP Sender: acknow set, "
1003 "old flags %x new flags %x \n",
1004 old_mpt_flags, new_mpt_flags),
1005 MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
1006 }
1007 }
1008
1009 return optlen;
1010 }
1011
1012 /*
1013 * MPTCP Options Input Processing
1014 */
1015
1016 static int
1017 mptcp_sanitize_option(struct tcpcb *tp, int mptcp_subtype)
1018 {
1019 struct mptcb *mp_tp = tptomptp(tp);
1020 int ret = 1;
1021
1022 if (mp_tp == NULL) {
1023 mptcplog((LOG_ERR, "MPTCP Socket: %s: NULL mpsocket \n",
1024 __func__), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1025 return (0);
1026 }
1027
1028 switch (mptcp_subtype) {
1029 case MPO_CAPABLE:
1030 break;
1031 case MPO_JOIN: /* fall through */
1032 case MPO_DSS: /* fall through */
1033 case MPO_FASTCLOSE: /* fall through */
1034 case MPO_FAIL: /* fall through */
1035 case MPO_REMOVE_ADDR: /* fall through */
1036 case MPO_ADD_ADDR: /* fall through */
1037 case MPO_PRIO: /* fall through */
1038 if (mp_tp->mpt_state < MPTCPS_ESTABLISHED)
1039 ret = 0;
1040 break;
1041 default:
1042 ret = 0;
1043 mptcplog((LOG_ERR, "MPTCP Socket: "
1044 "%s: type = %d \n", __func__,
1045 mptcp_subtype),
1046 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1047 break;
1048 }
1049 return (ret);
1050 }
1051
1052 static int
1053 mptcp_valid_mpcapable_common_opt(u_char *cp)
1054 {
1055 struct mptcp_mpcapable_opt_common *rsp =
1056 (struct mptcp_mpcapable_opt_common *)cp;
1057
1058 /* mmco_kind, mmco_len and mmco_subtype are validated before */
1059
1060 if (!(rsp->mmco_flags & MPCAP_PROPOSAL_SBIT))
1061 return (0);
1062
1063 if (rsp->mmco_flags & (MPCAP_BBIT | MPCAP_CBIT | MPCAP_DBIT |
1064 MPCAP_EBIT | MPCAP_FBIT | MPCAP_GBIT))
1065 return (0);
1066
1067 return (1);
1068 }
1069
1070
1071 static void
1072 mptcp_do_mpcapable_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1073 int optlen)
1074 {
1075 struct mptcp_mpcapable_opt_rsp1 *rsp1 = NULL;
1076 struct mptcp_mpcapable_opt_rsp *rsp = NULL;
1077 struct mptcb *mp_tp = tptomptp(tp);
1078
1079 #define MPTCP_OPT_ERROR_PATH(tp) { \
1080 tp->t_mpflags |= TMPF_RESET; \
1081 tcpstat.tcps_invalid_mpcap++; \
1082 if (tp->t_inpcb->inp_socket != NULL) { \
1083 soevent(tp->t_inpcb->inp_socket, \
1084 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1085 } \
1086 }
1087
1088 /* Validate the kind, len, flags */
1089 if (mptcp_valid_mpcapable_common_opt(cp) != 1) {
1090 tcpstat.tcps_invalid_mpcap++;
1091 return;
1092 }
1093
1094 /* A SYN contains only the MP_CAPABLE option */
1095 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1096 /* XXX passive side not supported yet */
1097 return;
1098 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1099
1100 /* Handle old duplicate SYN/ACK retransmission */
1101 if (SEQ_GT(tp->rcv_nxt, (tp->irs + 1)))
1102 return;
1103
1104 /* handle SYN/ACK retransmission by acknowledging with ACK */
1105 if (mp_tp->mpt_state >= MPTCPS_ESTABLISHED) {
1106 tp->t_mpflags |= TMPF_MPCAP_RETRANSMIT;
1107 return;
1108 }
1109
1110 /* A SYN/ACK contains peer's key and flags */
1111 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp)) {
1112 /* complain */
1113 mptcplog((LOG_ERR, "MPTCP Socket: "
1114 "%s: SYN_ACK optlen = %d, sizeof mp opt = %lu \n",
1115 __func__, optlen,
1116 sizeof (struct mptcp_mpcapable_opt_rsp)),
1117 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1118 tcpstat.tcps_invalid_mpcap++;
1119 return;
1120 }
1121
1122 /*
1123 * If checksum flag is set, enable MPTCP checksum, even if
1124 * it was not negotiated on the first SYN.
1125 */
1126 if (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1127 MPCAP_CHECKSUM_CBIT)
1128 mp_tp->mpt_flags |= MPTCPF_CHECKSUM;
1129
1130 rsp = (struct mptcp_mpcapable_opt_rsp *)cp;
1131 MPT_LOCK_SPIN(mp_tp);
1132 mp_tp->mpt_remotekey = rsp->mmc_localkey;
1133 /* For now just downgrade to the peer's version */
1134 mp_tp->mpt_peer_version = rsp->mmc_common.mmco_version;
1135 if (rsp->mmc_common.mmco_version < mp_tp->mpt_version) {
1136 mp_tp->mpt_version = rsp->mmc_common.mmco_version;
1137 tcpstat.tcps_mp_verdowngrade++;
1138 }
1139 MPT_UNLOCK(mp_tp);
1140 tp->t_mpflags |= TMPF_PREESTABLISHED;
1141
1142 } else if ((th->th_flags & TH_ACK) &&
1143 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1144
1145 /*
1146 * Verify checksum flag is set, if we initially negotiated
1147 * checksum.
1148 */
1149 if ((mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1150 !(((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1151 MPCAP_CHECKSUM_CBIT)) {
1152 mptcplog((LOG_ERR, "MPTCP Socket: "
1153 "%s: checksum negotiation failure \n", __func__),
1154 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1155 MPTCP_OPT_ERROR_PATH(tp);
1156 return;
1157 }
1158
1159 if (!(mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1160 (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1161 MPCAP_CHECKSUM_CBIT)) {
1162 mptcplog((LOG_ERR, "MPTCP Socket: "
1163 "%s: checksum negotiation failure 2.\n", __func__),
1164 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1165 MPTCP_OPT_ERROR_PATH(tp);
1166 return;
1167 }
1168
1169 /*
1170 * The ACK of a three way handshake contains peer's key and
1171 * flags.
1172 */
1173 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp1)) {
1174 /* complain */
1175 mptcplog((LOG_ERR, "MPTCP Socket: "
1176 "%s: ACK optlen = %d , sizeof mp option = %lu, "
1177 " state = %d \n", __func__, optlen,
1178 sizeof (struct mptcp_mpcapable_opt_rsp1),
1179 tp->t_state), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1180 MPTCP_OPT_ERROR_PATH(tp);
1181 return;
1182 }
1183
1184 rsp1 = (struct mptcp_mpcapable_opt_rsp1 *)cp;
1185
1186 /* Skipping MPT_LOCK for invariant key */
1187 if (rsp1->mmc_remotekey != *mp_tp->mpt_localkey) {
1188 mptcplog((LOG_ERR, "MPTCP Socket: "
1189 "%s: key mismatch locally stored key. "
1190 "rsp = %llx local = %llx \n", __func__,
1191 rsp1->mmc_remotekey, *mp_tp->mpt_localkey),
1192 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1193 MPTCP_OPT_ERROR_PATH(tp);
1194 return;
1195 } else {
1196 /* We received both keys. Almost an MPTCP connection */
1197 /* Skipping MPT_LOCK for invariant key */
1198 if (mp_tp->mpt_remotekey != rsp1->mmc_localkey) {
1199 mptcplog((LOG_ERR, "MPTCP Socket: "
1200 "%s: keys don't match\n", __func__),
1201 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1202 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1203 MPTCP_OPT_ERROR_PATH(tp);
1204 return;
1205 }
1206 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1207 tp->t_mpflags |= TMPF_MPTCP_RCVD_KEY;
1208 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1209 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1210 MPT_LOCK(mp_tp);
1211 DTRACE_MPTCP2(state__change, struct mptcb *, mp_tp,
1212 uint32_t, 0 /* event */);
1213 mptcplog((LOG_DEBUG, "MPTCP State: "
1214 "MPTCPS_ESTABLISHED \n"),
1215 MPTCP_STATE_DBG, MPTCP_LOGLVL_LOG);
1216
1217 mp_tp->mpt_state = MPTCPS_ESTABLISHED;
1218 MPT_UNLOCK(mp_tp);
1219 }
1220 if (tp->t_mpuna) {
1221 tp->t_mpuna = 0;
1222 }
1223 }
1224 }
1225
1226
1227 static void
1228 mptcp_do_mpjoin_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1229 {
1230 #define MPTCP_JOPT_ERROR_PATH(tp) { \
1231 tp->t_mpflags |= TMPF_RESET; \
1232 tcpstat.tcps_invalid_joins++; \
1233 if (tp->t_inpcb->inp_socket != NULL) { \
1234 soevent(tp->t_inpcb->inp_socket, \
1235 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1236 } \
1237 }
1238 int error = 0;
1239
1240 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1241 /* We won't accept join requests as an active opener */
1242 if (tp->t_inpcb->inp_socket->so_flags & SOF_MPTCP_CLIENT) {
1243 MPTCP_JOPT_ERROR_PATH(tp);
1244 return;
1245 }
1246
1247 if (optlen != sizeof (struct mptcp_mpjoin_opt_req)) {
1248 mptcplog((LOG_ERR, "MPTCP Socket: "
1249 "%s: SYN: unexpected optlen = %d, mp option"
1250 "= %lu\n", __func__, optlen,
1251 sizeof (struct mptcp_mpjoin_opt_req)),
1252 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1253 /* send RST and close */
1254 MPTCP_JOPT_ERROR_PATH(tp);
1255 return;
1256 }
1257 /* not supported yet */
1258 return;
1259 #ifdef MPTCP_NOTYET
1260 struct mptcp_mpjoin_opt_req *join_req =
1261 (struct mptcp_mpjoin_opt_req *)cp;
1262 mp_so = mptcp_find_mpso(join_req->mmjo_peer_token);
1263 if (!mp_so) {
1264 mptcplog((LOG_ERR, "MPTCP Socket: "
1265 "%s: cannot find mp_so token = %x\n",
1266 __func__, join_req->mmjo_peer_token),
1267 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1268 /* send RST */
1269 MPTCP_JOPT_ERROR_PATH(tp);
1270 return;
1271 }
1272 if (tp->t_mpflags & TMPF_PREESTABLISHED) {
1273 return;
1274 }
1275 mp_so->ms_remote_addr_id = join_req->mmjo_addr_id;
1276 mp_so->ms_remote_rand = join_req->mmjo_rand;
1277 tp->t_mpflags |= TMPF_PREESTABLISHED | TMPF_JOINED_FLOW;
1278 tp->t_mpflags |= TMPF_RECVD_JOIN;
1279 tp->t_inpcb->inp_socket->so_flags |= SOF_MP_SEC_SUBFLOW;
1280 if (join_req->mmjo_subtype & MPTCP_BACKUP) {
1281 tp->t_mpflags |= TMPF_BACKUP_PATH;
1282 }
1283 #endif
1284 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1285 struct mptcp_mpjoin_opt_rsp *join_rsp =
1286 (struct mptcp_mpjoin_opt_rsp *)cp;
1287
1288 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp)) {
1289 mptcplog((LOG_ERR, "MPTCP Socket: "
1290 "SYN_ACK: unexpected optlen = %d mp "
1291 "option = %lu\n", optlen,
1292 sizeof (struct mptcp_mpjoin_opt_rsp)),
1293 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1294 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1295 /* send RST and close */
1296 MPTCP_JOPT_ERROR_PATH(tp);
1297 return;
1298 }
1299
1300 mptcp_set_raddr_rand(tp->t_local_aid,
1301 tptomptp(tp),
1302 join_rsp->mmjo_addr_id, join_rsp->mmjo_rand);
1303 error = mptcp_validate_join_hmac(tp,
1304 (u_char*)&join_rsp->mmjo_mac, SHA1_TRUNCATED);
1305 if (error) {
1306 mptcplog((LOG_ERR, "MPTCP Socket: %s: "
1307 "SYN_ACK error = %d \n", __func__, error),
1308 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1309 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1310 /* send RST and close */
1311 MPTCP_JOPT_ERROR_PATH(tp);
1312 return;
1313 }
1314 tp->t_mpflags |= TMPF_SENT_JOIN;
1315 } else if ((th->th_flags & TH_ACK) &&
1316 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1317 struct mptcp_mpjoin_opt_rsp2 *join_rsp2 =
1318 (struct mptcp_mpjoin_opt_rsp2 *)cp;
1319
1320 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp2)) {
1321 mptcplog((LOG_ERR, "MPTCP Socket: "
1322 "ACK: unexpected optlen = %d mp option "
1323 "= %lu \n", optlen,
1324 sizeof (struct mptcp_mpjoin_opt_rsp2)),
1325 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1326
1327 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1328 /* send RST and close */
1329 MPTCP_JOPT_ERROR_PATH(tp);
1330 return;
1331 }
1332
1333 error = mptcp_validate_join_hmac(tp, join_rsp2->mmjo_mac,
1334 SHA1_RESULTLEN);
1335 if (error) {
1336 mptcplog((LOG_ERR, "MPTCP Socket: "
1337 "%s: ACK error = %d\n", __func__, error),
1338 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1339 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1340 MPTCP_JOPT_ERROR_PATH(tp);
1341 return;
1342 }
1343 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1344 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1345 tp->t_flags |= TF_ACKNOW;
1346 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1347 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1348 }
1349 }
1350
1351 static int
1352 mptcp_validate_join_hmac(struct tcpcb *tp, u_char* hmac, int mac_len)
1353 {
1354 u_char digest[SHA1_RESULTLEN] = {0};
1355 struct mptcb *mp_tp = NULL;
1356 mptcp_key_t rem_key, loc_key;
1357 u_int32_t rem_rand, loc_rand;
1358
1359 mp_tp = tp->t_mptcb;
1360
1361 rem_rand = loc_rand = 0;
1362
1363 MPT_LOCK(mp_tp);
1364 rem_key = mp_tp->mpt_remotekey;
1365 loc_key = *mp_tp->mpt_localkey;
1366 MPT_UNLOCK(mp_tp);
1367
1368 mptcp_get_rands(tp->t_local_aid, mp_tp, &loc_rand, &rem_rand);
1369 if ((rem_rand == 0) || (loc_rand == 0))
1370 return (-1);
1371
1372 mptcp_hmac_sha1(rem_key, loc_key, rem_rand, loc_rand,
1373 digest, sizeof (digest));
1374
1375 if (bcmp(digest, hmac, mac_len) == 0)
1376 return (0); /* matches */
1377 else {
1378 printf("%s: remote key %llx local key %llx remote rand %x "
1379 "local rand %x \n", __func__, rem_key, loc_key,
1380 rem_rand, loc_rand);
1381 return (-1);
1382 }
1383 }
1384
1385 static void
1386 mptcp_do_dss_opt_ack_meat(u_int64_t full_dack, struct tcpcb *tp)
1387 {
1388 struct mptcb *mp_tp = tptomptp(tp);
1389 int close_notify = 0;
1390
1391 MPT_LOCK(mp_tp);
1392 if (MPTCP_SEQ_LEQ(full_dack, mp_tp->mpt_sndmax) &&
1393 MPTCP_SEQ_GEQ(full_dack, mp_tp->mpt_snduna)) {
1394 mptcp_data_ack_rcvd(mp_tp, tp, full_dack);
1395 if (mp_tp->mpt_state > MPTCPS_FIN_WAIT_2)
1396 close_notify = 1;
1397 MPT_UNLOCK(mp_tp);
1398 mptcp_notify_mpready(tp->t_inpcb->inp_socket);
1399 if (close_notify)
1400 mptcp_notify_close(tp->t_inpcb->inp_socket);
1401 if (mp_tp->mpt_flags & MPTCPF_RCVD_64BITACK) {
1402 mp_tp->mpt_flags &= ~MPTCPF_RCVD_64BITACK;
1403 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITDSN;
1404 }
1405 } else {
1406 MPT_UNLOCK(mp_tp);
1407 mptcplog((LOG_ERR,"MPTCP Socket: "
1408 "%s: unexpected dack %llx snduna %llx "
1409 "sndmax %llx\n", __func__, full_dack,
1410 mp_tp->mpt_snduna, mp_tp->mpt_sndmax),
1411 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1412 MPTCP_LOGLVL_LOG);
1413 }
1414 }
1415
1416 static void
1417 mptcp_do_dss_opt_meat(u_char *cp, struct tcpcb *tp)
1418 {
1419 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1420 u_int64_t full_dack = 0;
1421 struct mptcb *mp_tp = tptomptp(tp);
1422 int csum_len = 0;
1423
1424 #define MPTCP_DSS_OPT_SZ_CHK(len, expected_len) { \
1425 if (len != expected_len) { \
1426 mptcplog((LOG_ERR, "MPTCP Socket: " \
1427 "%s: bad len = %d dss: %x \n", __func__, \
1428 len, dss_rsp->mdss_flags), \
1429 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), \
1430 MPTCP_LOGLVL_LOG); \
1431 return; \
1432 } \
1433 }
1434
1435 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
1436 csum_len = 2;
1437
1438 dss_rsp->mdss_flags &= (MDSS_A|MDSS_a|MDSS_M|MDSS_m);
1439 switch (dss_rsp->mdss_flags) {
1440 case (MDSS_M):
1441 {
1442 /* 32-bit DSS, No Data ACK */
1443 struct mptcp_dsn_opt *dss_rsp1;
1444 dss_rsp1 = (struct mptcp_dsn_opt *)cp;
1445
1446 MPTCP_DSS_OPT_SZ_CHK(dss_rsp1->mdss_copt.mdss_len,
1447 sizeof (struct mptcp_dsn_opt) + csum_len);
1448 if (csum_len == 0)
1449 mptcp_update_dss_rcv_state(dss_rsp1, tp, 0);
1450 else
1451 mptcp_update_dss_rcv_state(dss_rsp1, tp,
1452 *(uint16_t *)(void *)(cp +
1453 (dss_rsp1->mdss_copt.mdss_len - csum_len)));
1454 break;
1455 }
1456 case (MDSS_A):
1457 {
1458 /* 32-bit Data ACK, no DSS */
1459 struct mptcp_data_ack_opt *dack_opt;
1460 dack_opt = (struct mptcp_data_ack_opt *)cp;
1461
1462 MPTCP_DSS_OPT_SZ_CHK(dack_opt->mdss_copt.mdss_len,
1463 sizeof (struct mptcp_data_ack_opt));
1464
1465 u_int32_t dack = dack_opt->mdss_ack;
1466 NTOHL(dack);
1467 MPT_LOCK_SPIN(mp_tp);
1468 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1469 MPT_UNLOCK(mp_tp);
1470 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1471 break;
1472 }
1473 case (MDSS_M | MDSS_A):
1474 {
1475 /* 32-bit Data ACK + 32-bit DSS */
1476 struct mptcp_dss_ack_opt *dss_ack_rsp;
1477 dss_ack_rsp = (struct mptcp_dss_ack_opt *)cp;
1478
1479 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1480 sizeof (struct mptcp_dss_ack_opt) + csum_len);
1481
1482 u_int32_t dack = dss_ack_rsp->mdss_ack;
1483 NTOHL(dack);
1484 MPT_LOCK_SPIN(mp_tp);
1485 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1486 MPT_UNLOCK(mp_tp);
1487 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1488 if (csum_len == 0)
1489 mptcp_update_rcv_state_f(dss_ack_rsp, tp, 0);
1490 else
1491 mptcp_update_rcv_state_f(dss_ack_rsp, tp,
1492 *(uint16_t *)(void *)(cp +
1493 (dss_ack_rsp->mdss_copt.mdss_len -
1494 csum_len)));
1495 break;
1496 }
1497 case (MDSS_M | MDSS_m):
1498 {
1499 /* 64-bit DSS , No Data ACK */
1500 struct mptcp_dsn64_opt *dsn64;
1501 dsn64 = (struct mptcp_dsn64_opt *)cp;
1502 u_int64_t full_dsn;
1503
1504 MPTCP_DSS_OPT_SZ_CHK(dsn64->mdss_copt.mdss_len,
1505 sizeof (struct mptcp_dsn64_opt) + csum_len);
1506
1507 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1508 "%s: 64-bit M present.\n", __func__),
1509 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1510 MPTCP_LOGLVL_LOG);
1511
1512 MPT_LOCK_SPIN(mp_tp);
1513 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1514 MPT_UNLOCK(mp_tp);
1515
1516 full_dsn = mptcp_ntoh64(dsn64->mdss_dsn);
1517 NTOHL(dsn64->mdss_subflow_seqn);
1518 NTOHS(dsn64->mdss_data_len);
1519 if (csum_len == 0)
1520 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1521 dsn64->mdss_subflow_seqn,
1522 dsn64->mdss_data_len,
1523 0);
1524 else
1525 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1526 dsn64->mdss_subflow_seqn,
1527 dsn64->mdss_data_len,
1528 *(uint16_t *)(void *)(cp +
1529 dsn64->mdss_copt.mdss_len - csum_len));
1530 break;
1531 }
1532 case (MDSS_A | MDSS_a):
1533 {
1534 /* 64-bit Data ACK, no DSS */
1535 struct mptcp_data_ack64_opt *dack64;
1536 dack64 = (struct mptcp_data_ack64_opt *)cp;
1537
1538 MPTCP_DSS_OPT_SZ_CHK(dack64->mdss_copt.mdss_len,
1539 sizeof (struct mptcp_data_ack64_opt));
1540
1541 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1542 "%s: 64-bit A present. \n", __func__),
1543 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1544 MPTCP_LOGLVL_LOG);
1545
1546 MPT_LOCK_SPIN(mp_tp);
1547 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1548 MPT_UNLOCK(mp_tp);
1549
1550 full_dack = mptcp_ntoh64(dack64->mdss_ack);
1551 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1552 break;
1553 }
1554 case (MDSS_M | MDSS_m | MDSS_A):
1555 {
1556 /* 64-bit DSS + 32-bit Data ACK */
1557 struct mptcp_dss64_ack32_opt *dss_ack_rsp;
1558 dss_ack_rsp = (struct mptcp_dss64_ack32_opt *)cp;
1559
1560 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1561 sizeof (struct mptcp_dss64_ack32_opt) + csum_len);
1562
1563 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1564 "%s: 64-bit M and 32-bit A present.\n", __func__),
1565 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1566 MPTCP_LOGLVL_LOG);
1567
1568 u_int32_t dack = dss_ack_rsp->mdss_ack;
1569 NTOHL(dack);
1570 MPT_LOCK_SPIN(mp_tp);
1571 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1572 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1573 MPT_UNLOCK(mp_tp);
1574 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1575 if (csum_len == 0)
1576 mptcp_update_rcv_state_g(dss_ack_rsp, tp, 0);
1577 else
1578 mptcp_update_rcv_state_g(dss_ack_rsp, tp,
1579 *(uint16_t *)(void *)(cp +
1580 dss_ack_rsp->mdss_copt.mdss_len -
1581 csum_len));
1582 break;
1583 }
1584 case (MDSS_M | MDSS_A | MDSS_a):
1585 {
1586 /* 32-bit DSS + 64-bit Data ACK */
1587 struct mptcp_dss32_ack64_opt *dss32_ack64_opt;
1588 dss32_ack64_opt = (struct mptcp_dss32_ack64_opt *)cp;
1589 u_int64_t full_dsn;
1590
1591 MPTCP_DSS_OPT_SZ_CHK(
1592 dss32_ack64_opt->mdss_copt.mdss_len,
1593 sizeof (struct mptcp_dss32_ack64_opt) + csum_len);
1594
1595 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1596 "%s: 32-bit M and 64-bit A present.\n", __func__),
1597 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1598 MPTCP_LOGLVL_LOG);
1599
1600 full_dack = mptcp_ntoh64(dss32_ack64_opt->mdss_ack);
1601 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1602 NTOHL(dss32_ack64_opt->mdss_dsn);
1603 MPT_LOCK_SPIN(mp_tp);
1604 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1605 MPTCP_EXTEND_DSN(mp_tp->mpt_rcvnxt,
1606 dss32_ack64_opt->mdss_dsn, full_dsn);
1607 MPT_UNLOCK(mp_tp);
1608 NTOHL(dss32_ack64_opt->mdss_subflow_seqn);
1609 NTOHS(dss32_ack64_opt->mdss_data_len);
1610 if (csum_len == 0)
1611 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1612 dss32_ack64_opt->mdss_subflow_seqn,
1613 dss32_ack64_opt->mdss_data_len, 0);
1614 else
1615 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1616 dss32_ack64_opt->mdss_subflow_seqn,
1617 dss32_ack64_opt->mdss_data_len,
1618 *(uint16_t *)(void *)(cp +
1619 dss32_ack64_opt->mdss_copt.mdss_len -
1620 csum_len));
1621 break;
1622 }
1623 case (MDSS_M | MDSS_m | MDSS_A | MDSS_a):
1624 {
1625 /* 64-bit DSS + 64-bit Data ACK */
1626 struct mptcp_dss64_ack64_opt *dss64_ack64;
1627 dss64_ack64 = (struct mptcp_dss64_ack64_opt *)cp;
1628 u_int64_t full_dsn;
1629
1630 MPTCP_DSS_OPT_SZ_CHK(dss64_ack64->mdss_copt.mdss_len,
1631 sizeof (struct mptcp_dss64_ack64_opt) + csum_len);
1632
1633 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1634 "%s: 64-bit M and 64-bit A present.\n", __func__),
1635 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1636 MPTCP_LOGLVL_LOG);
1637
1638 MPT_LOCK_SPIN(mp_tp);
1639 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1640 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1641 MPT_UNLOCK(mp_tp);
1642 full_dsn = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1643 full_dack = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1644 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1645 NTOHL(dss64_ack64->mdss_subflow_seqn);
1646 NTOHS(dss64_ack64->mdss_data_len);
1647 if (csum_len == 0)
1648 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1649 dss64_ack64->mdss_subflow_seqn,
1650 dss64_ack64->mdss_data_len, 0);
1651 else
1652 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1653 dss64_ack64->mdss_subflow_seqn,
1654 dss64_ack64->mdss_data_len,
1655 *(uint16_t *)(void *)(cp +
1656 dss64_ack64->mdss_copt.mdss_len -
1657 csum_len));
1658 break;
1659 }
1660 default:
1661 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1662 "%s: File bug, DSS flags = %x\n", __func__,
1663 dss_rsp->mdss_flags),
1664 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1665 MPTCP_LOGLVL_LOG);
1666 break;
1667 }
1668 }
1669
1670
1671 static void
1672 mptcp_do_fin_opt(struct tcpcb *tp)
1673 {
1674 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1675
1676 mptcplog((LOG_DEBUG,"MPTCP Socket: %s \n", __func__),
1677 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1678 MPTCP_LOGLVL_LOG);
1679
1680 if (!(tp->t_mpflags & TMPF_RECV_DFIN)) {
1681 if (mp_tp != NULL) {
1682 MPT_LOCK(mp_tp);
1683 mptcp_close_fsm(mp_tp, MPCE_RECV_DATA_FIN);
1684 MPT_UNLOCK(mp_tp);
1685
1686 if (tp->t_inpcb->inp_socket != NULL) {
1687 soevent(tp->t_inpcb->inp_socket,
1688 SO_FILT_HINT_LOCKED |
1689 SO_FILT_HINT_MPCANTRCVMORE);
1690 }
1691
1692 }
1693 tp->t_mpflags |= TMPF_RECV_DFIN;
1694 }
1695
1696 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1697 /*
1698 * Since this is a data level FIN, TCP needs to be explicitly told
1699 * to send back an ACK on which the Data ACK is piggybacked.
1700 */
1701 tp->t_flags |= TF_ACKNOW;
1702 }
1703
1704 static void
1705 mptcp_do_dss_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1706 {
1707 #pragma unused(th, optlen)
1708 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1709
1710 if (!mp_tp)
1711 return;
1712
1713 /* We may get Data ACKs just during fallback, so don't ignore those */
1714 if ((tp->t_mpflags & TMPF_MPTCP_TRUE) ||
1715 (tp->t_mpflags & TMPF_TCP_FALLBACK)) {
1716 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1717
1718 if (dss_rsp->mdss_subtype == MPO_DSS) {
1719 if (dss_rsp->mdss_flags & MDSS_F) {
1720 mptcp_do_fin_opt(tp);
1721 }
1722
1723 mptcp_do_dss_opt_meat(cp, tp);
1724 }
1725 }
1726 }
1727
1728 static void
1729 mptcp_do_fastclose_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1730 {
1731 struct mptcb *mp_tp = NULL;
1732 struct mptcp_fastclose_opt *fc_opt = (struct mptcp_fastclose_opt *)cp;
1733
1734 if (th->th_flags != TH_ACK)
1735 return;
1736
1737 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: \n", __func__),
1738 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1739 MPTCP_LOGLVL_LOG);
1740
1741 if (fc_opt->mfast_len != sizeof (struct mptcp_fastclose_opt)) {
1742 tcpstat.tcps_invalid_opt++;
1743 return;
1744 }
1745
1746 mp_tp = (struct mptcb *)tp->t_mptcb;
1747 if (!mp_tp)
1748 return;
1749
1750 if (fc_opt->mfast_key != mptcp_get_localkey(mp_tp)) {
1751 tcpstat.tcps_invalid_opt++;
1752 return;
1753 }
1754
1755 /*
1756 * fastclose could make us more vulnerable to attacks, hence
1757 * accept only those that are at the next expected sequence number.
1758 */
1759 if (th->th_seq != tp->rcv_nxt) {
1760 tcpstat.tcps_invalid_opt++;
1761 return;
1762 }
1763
1764 /* Reset this flow */
1765 tp->t_mpflags |= TMPF_RESET;
1766
1767 if (tp->t_inpcb->inp_socket != NULL) {
1768 soevent(tp->t_inpcb->inp_socket,
1769 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST);
1770 }
1771 }
1772
1773
1774 static void
1775 mptcp_do_mpfail_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1776 {
1777 struct mptcb *mp_tp = NULL;
1778 struct mptcp_mpfail_opt *fail_opt = (struct mptcp_mpfail_opt *)cp;
1779 u_int32_t mdss_subflow_seqn = 0;
1780 int error = 0;
1781
1782 /*
1783 * mpfail could make us more vulnerable to attacks. Hence accept
1784 * only those that are the next expected sequence number.
1785 */
1786 if (th->th_seq != tp->rcv_nxt) {
1787 tcpstat.tcps_invalid_opt++;
1788 return;
1789 }
1790
1791 /* A packet without RST, must atleast have the ACK bit set */
1792 if ((th->th_flags != TH_ACK) && (th->th_flags != TH_RST))
1793 return;
1794
1795 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: \n", __func__),
1796 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), MPTCP_LOGLVL_LOG);
1797
1798 if (fail_opt->mfail_len != sizeof (struct mptcp_mpfail_opt))
1799 return;
1800
1801 mp_tp = (struct mptcb *)tp->t_mptcb;
1802 MPT_LOCK(mp_tp);
1803 mp_tp->mpt_flags |= MPTCPF_RECVD_MPFAIL;
1804 mp_tp->mpt_dsn_at_csum_fail = mptcp_hton64(fail_opt->mfail_dsn);
1805 MPT_UNLOCK(mp_tp);
1806 error = mptcp_get_map_for_dsn(tp->t_inpcb->inp_socket,
1807 mp_tp->mpt_dsn_at_csum_fail, &mdss_subflow_seqn);
1808 if (error == 0) {
1809 mp_tp->mpt_ssn_at_csum_fail = mdss_subflow_seqn;
1810 }
1811
1812 mptcp_notify_mpfail(tp->t_inpcb->inp_socket);
1813 }
1814
1815 void
1816 tcp_do_mptcp_options(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1817 struct tcpopt *to, int optlen)
1818 {
1819 int mptcp_subtype;
1820
1821 /* All MPTCP options have atleast 4 bytes */
1822 if (optlen < 4)
1823 return;
1824
1825 mptcp_subtype = (cp[2] >> 4);
1826
1827 if (mptcp_sanitize_option(tp, mptcp_subtype) == 0)
1828 return;
1829
1830 switch (mptcp_subtype) {
1831 case MPO_CAPABLE:
1832 mptcp_do_mpcapable_opt(tp, cp, th, optlen);
1833 break;
1834 case MPO_JOIN:
1835 mptcp_do_mpjoin_opt(tp, cp, th, optlen);
1836 break;
1837 case MPO_DSS:
1838 mptcp_do_dss_opt(tp, cp, th, optlen);
1839 break;
1840 case MPO_FASTCLOSE:
1841 mptcp_do_fastclose_opt(tp, cp, th);
1842 break;
1843 case MPO_FAIL:
1844 mptcp_do_mpfail_opt(tp, cp, th);
1845 break;
1846 case MPO_ADD_ADDR: /* fall through */
1847 case MPO_REMOVE_ADDR: /* fall through */
1848 case MPO_PRIO:
1849 to->to_flags |= TOF_MPTCP;
1850 break;
1851 default:
1852 break;
1853 }
1854 return;
1855 }
1856
1857 /*
1858 * MPTCP ADD_ADDR and REMOVE_ADDR options
1859 */
1860
1861 /*
1862 * ADD_ADDR is only placeholder code - not sent on wire
1863 * The ADD_ADDR option is not sent on wire because of security issues
1864 * around connection hijacking.
1865 */
1866 void
1867 mptcp_send_addaddr_opt(struct tcpcb *tp, struct mptcp_addaddr_opt *opt)
1868 {
1869
1870 opt->ma_kind = TCPOPT_MULTIPATH;
1871 opt->ma_len = sizeof (struct mptcp_addaddr_opt);
1872 opt->ma_subtype = MPO_ADD_ADDR;
1873 opt->ma_addr_id = tp->t_local_aid;
1874 #ifdef MPTCP_NOTYET
1875 struct inpcb *inp = tp->t_inpcb;
1876 if (inp->inp_vflag == AF_INET) {
1877 opt->ma_ipver = MA_IPVer_V4;
1878 bcopy((char *)&sin->sin_addr.s_addr, (char *)opt + opt->ma_len,
1879 sizeof (in_addr_t));
1880 opt->ma_len += sizeof (in_addr_t);
1881 } else if (inp->inp_vflag == AF_INET6) {
1882 opt->ma_ipver = MA_IPVer_V6;
1883 bcopy((char *)&sin6->sin6_addr, (char *)opt + opt->ma_len,
1884 sizeof (struct in6_addr));
1885 opt->ma_len += sizeof (struct in6_addr);
1886 }
1887 #if 0
1888 if (tp->t_mp_port) {
1889 /* add ports XXX */
1890 }
1891 #endif
1892 #endif
1893 }
1894
1895 /* REMOVE_ADDR option is sent when a source address goes away */
1896 void
1897 mptcp_send_remaddr_opt(struct tcpcb *tp, struct mptcp_remaddr_opt *opt)
1898 {
1899 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: local id %d remove id %d \n",
1900 __func__, tp->t_local_aid, tp->t_rem_aid),
1901 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1902
1903 bzero(opt, sizeof (*opt));
1904 opt->mr_kind = TCPOPT_MULTIPATH;
1905 opt->mr_len = sizeof (*opt);
1906 opt->mr_subtype = MPO_REMOVE_ADDR;
1907 opt->mr_addr_id = tp->t_rem_aid;
1908 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
1909 }
1910
1911 /*
1912 * MPTCP MP_PRIO option
1913 */
1914
1915 #if 0
1916 /*
1917 * Current implementation drops incoming MP_PRIO option and this code is
1918 * just a placeholder. The option is dropped because only the mobile client can
1919 * decide which of the subflows is preferred (usually wifi is preferred
1920 * over Cellular).
1921 */
1922 void
1923 mptcp_do_mpprio_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1924 int optlen)
1925 {
1926 int bkp = 0;
1927 struct mptcp_mpprio_opt *mpprio = (struct mptcp_mpprio_opt *)cp;
1928
1929 if ((tp == NULL) || !(tp->t_mpflags & TMPF_MPTCP_TRUE))
1930 return;
1931
1932 if ((mpprio->mpprio_len != sizeof (struct mptcp_mpprio_addr_opt)) &&
1933 (mpprio->mpprio_len != sizeof (struct mptcp_mpprio_opt)))
1934 return;
1935 }
1936 #endif
1937
1938 /* We send MP_PRIO option based on the values set by the SIOCSCONNORDER ioctl */
1939 static int
1940 mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen)
1941 {
1942 struct mptcp_mpprio_addr_opt mpprio;
1943
1944 if (tp->t_state != TCPS_ESTABLISHED) {
1945 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1946 return (optlen);
1947 }
1948
1949 if (mptcp_mpprio_enable != 1) {
1950 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1951 return (optlen);
1952 }
1953
1954 if ((MAX_TCPOPTLEN - optlen) <
1955 (int)sizeof (mpprio))
1956 return (optlen);
1957
1958 bzero(&mpprio, sizeof (mpprio));
1959 mpprio.mpprio_kind = TCPOPT_MULTIPATH;
1960 mpprio.mpprio_len = sizeof (mpprio);
1961 mpprio.mpprio_subtype = MPO_PRIO;
1962 if (tp->t_mpflags & TMPF_BACKUP_PATH)
1963 mpprio.mpprio_flags |= MPTCP_MPPRIO_BKP;
1964 mpprio.mpprio_addrid = tp->t_local_aid;
1965 memcpy(cp + optlen, &mpprio, sizeof (mpprio));
1966 optlen += sizeof (mpprio);
1967 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1968 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: aid = %d \n", __func__,
1969 tp->t_local_aid),
1970 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1971 return (optlen);
1972 }
mirror of XNU